LDAP madness!
Hi all,
LDAP!
I have successfully managed to get a working LDAP installation for Unix
clients, nss & pam logins work fine, even alongside the current NIS setup
for testing purposes!
I am now trying to get the samba integration working for the Windows
machines on this network....what a royal PITA this is proving to be!!
I can get the structure into the DB alright, and "finger" returns user
information.....smbldap-useradd and smbldap-password work fine, and
anonymous binds (when using smbclient -L <server>) work well too ... the
trouble is that I cannot get authenticated logings via Samba to work - I am
only trying on the command line for the time being..
The relevant portion (I believe) from the server smb.conf file is:
######## LDAP authentication ########
netbios name = cholet
enable privileges = yes
ldap passwd sync = Yes
passdb backend = ldapsam:ldap://127.0.0.1
ldap admin dn = cn=admin,dc=wimbledon
ldap suffix = dc=wimbledon
ldap group suffix = ou=Groups
ldap user suffix = ou=People
ldap machine suffix = ou=Computers
#ldap ssl = start_tls
ldap delete dn = Yes
passwd program = /usr/sbin/smbldap-passwd -u " %u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"et primary
group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
Logins from both the PDC and other samba boxes fail with :
session setup failed: NT_STATUS_LOGON_FAILURE
I am using Sarge on an Intel box for the server - does anyone have a working
installation of Samba/LDAP that could help iron these problems out...?
Cheers,
Pete.
Reply to: